How to extract a public certificate and private key from .pfx for use in GMS/Analyzer 7.2 and later

03/26/2020 1120 17069

DESCRIPTION:
How to import the custom certificate to GMS/Analyzer 7.2

RESOLUTION:

1. Prepare your certificate issued by CA in .pfx format (eg. certificate.pfx) and the password key

2. Install OpenSSL on your system - for the installation file refer to the following url: https://www.openssl.org/source/

3. Take the .pfx file (e.g. certname.pfx) and copy it to a system where you have OpenSSL installed.

   Note: the *.pfx file is in PKCS#12 format and includes both the certificate and the private key.

4. Run the following command to export the certificate: openssl pkcs12 -in certname.pfx -nokeys -out cert.pem output = cert.pem

5. Run the following command to export the private key: openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes output = key.pem

6. Run the following command if you wish to remove the passphrase from the private key: openssl rsa -in key.pem -out server.key

7. Login to the appliance (system) interface of the GMS/Analyzer and under System/Deployment/Settings/SSL Access configuration select Custom button.

8. Under Certificate file browse for the cert.pem file created in the step 4.

9. Under Certificate Key file browse for the key.pem file created in the step 5.

10. Provide the certificate password in the Certificate password field.

11. Click on update button. GMS will reboot and your new custom certificate will be installed.